News, facts, musings and opinions, and current legal events in Delaware.

Friday, May 31, 2002

old addresses, new owners...

You go to visit a favorite web site. It might even be one that you link to on your own web page. Instead of information on your hobby, or the quirky words and witticisms of your favorite online writer, you find pornography or a gambling site or a placeholder page that informs you that the site is under development. Even worse, your child goes to one of their favorite web sites from a bookmarks' list, or a desktop shortcut, and in place of the wholesome goodness that previously existed at the address, hard-core pornography appears on the screen.

When people allow their web site's domain name registration to expire, a number of companies have jumped in to register the name, and may have the opportunity to take advantage of some of the traffic that had been going to the site previously under that name. Affected sites have included web pages such as the ones run by the "Cape Cod History Society and the International Lutheran Woman's Missionary League." Schools, churches, civic associations, and personal web pages are often not sites that have had their names trademarked, and the former owners might have difficulties under the present arbitration system getting their site's name back. Search engines and directories often don't have a chance to notice the changes in the content of the pages resulting from new ownership.

An article which describes this practice, also covers some proposals that the organization that regulates the domain name system is considering, in response to a high volume of complaints. That body is the Internet Corporation For Assigned Names and Numbers (ICANN). ICANN regulates the system and oversee a number of companies are the "sellers" of domain names - each of which has their own business practices. While those companies, or registrars, are accredited by ICANN and have to follow certain guidelines, there is a lot of room for differences in the ways that they operate.

The best practice is for the holder of a domain name to not let their registration lapse in the first place. But, for any number of reasons, owners of a number of web sites have failed to renew their registrations. Some may not want to continue with that particular name. Many people registered their web sites under more than one name, thinking that there was a need to protect a name by registering it with different spellings, or with different suffixes - i.e., mysite.com, mysite.net, mysite.org.

Others may not have updated the contact information that they used when they originally registered, and did not receive notices informing them that the name was going to expire. There may have been problems with the method the registrar used to contact the person who registered to inform them of the expiration. Administrative mistakes on the registrar's part could result in a premature end to the registration period. The possibility of fraudulent transfers of ownership of a domain name, though hopefully very limited in practice, also exists.

When rights to use of a domain name expire through a failure to renew, what's wrong with another person or company using the name? Isn't that why there are expiration dates - to allow others a chance to use an unwanted address? There are legitimate reasons to want to take over many web addresses. It is a possibility that some of the companies rushing in to reregister expired names are doing so to try to make a quick profit. And this profit would be made not by the traffic to the new pages under the old name, but rather by having the previous owner pay to have ownership transfered back to them:

Mary Hewitt, a spokesperson for the Internet Corporation For Assigned Names and Numbers (ICANN), the organisation governing the Internet, said there were no statistics on the numbers of hijacked websites but that the group had received many complaints.

Hewitt said the practice is not illegal, although some authorities, notably in the United States, could prosecute someone for blackmail if it could prove a site was registered with that intent.

So, can ICANN do something to avoid this type of problem, and help to make it more likely that when a domain name expires, it's because the previous owner didn't want to use the name anymore, rather than because of a failure to renew a wanted name? Last week, we included links to a couple of articles by Harvard Student Ben Edelman who wrote about the reregistration of domain names. His studies and articles are hopefully fueling a proposal to change this system to make it less likely that unintentional transfers of ownership happen:

ICANN is studying a proposal to give website owners a 30-day grace period before expired domain names are opened up to new buyers, Hewitt said.

Edelman recommends a 90-day grace period that would keep expired names out of the hands of resellers.

"The right policy lets the original registrant get the domain name back," he said.

Of course, the grace period isn't helpful unless the site's owner is provided notice of the expiration. That could mean that the person who originally registered the site needs to make certain that contact information remains up-to-date. The registrar of the site could also take the step of redirecting attempts to visit a site with an expired name to make them arrive at a page that warns that the registration has expired during that "grace period." The notice would also allow visitors to the site to contact the owner of the site, or to remove bookmarks and shortcuts from their computers. It would also enable search engines and directories to update their indexes.

Purchasing an expired name to use in a different manner than a previous owner, or to resell, can be a legitimate business practice. The transfer of those domain names should allow visitors, and the previous owners, a reasonable period of time to become aware of the expiration and the possibility of a change in the content of the site. ICANN can do this by requiring a grace period and online notification by the registrar of the domain name expiration at the address in question.

If you are interested in helping to shape the policies of ICANN, and would like to see them address this problem (or any others), they do accept comments from the public. The ICANN Evolution and Reform Comments page gives more details on how to comment, and allows you to see comments made by others.